Hello,
is there a mybb exploit on the loose?
I was speaking with an admin of a forum i use which was hacked twice within a week and he said there was a mybb exploit being used. Is this he's excuse to not look like a dumb lime or is it true?
There was an exploit which made it possible to take over accounts.
Quote:Usage of weak random number generation in password reset
functionality allows predicting the password reset token
and the randomly generated password, which results in
account takeover.
1.4.12 fixed this.
Make sure your always using the latest version and you shouldn't have a problem
(2010-04-14, 02:50 AM)i88power88 Wrote: [ -> ]Hello,
is there a mybb exploit on the loose?
I was speaking with an admin of a forum i use which was hacked twice within a week and he said there was a mybb exploit being used. Is this he's excuse to not look like a dumb lime or is it true?
(biohazard
)
No admin accounts were compromised, nor the FTP/cpanel. And the admin CP was set to the admins IP's.
The site was shelled some how, and it was up todate, (besides the the update that was released yesterday, but it was hacked before that)
(2010-04-14, 06:13 PM)poblo10 Wrote: [ -> ] (2010-04-14, 02:50 AM)i88power88 Wrote: [ -> ]Hello,
is there a mybb exploit on the loose?
I was speaking with an admin of a forum i use which was hacked twice within a week and he said there was a mybb exploit being used. Is this he's excuse to not look like a dumb lime or is it true?
(biohazard )
No admin accounts were compromised, nor the FTP/cpanel. And the admin CP was set to the admins IP's.
The site was shelled some how, and it was up todate, (besides the the update that was released yesterday, but it was hacked before that)
lol
ha xD
yea i'm trying to figure that out :\